Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F362DE23/89A6C26455A711F0A059BAEDDAE4EC9C/61A3E35055B111F0BEABAEADDAE4EC9C.roa
File: 61A3E35055B111F0BEABAEADDAE4EC9C.roa (raw, json)
Hash identifier: 5RZ+g8PtYtB8DddiaGipYGbE8zOMK03uWK9ehUr/Igs=
Subject key identifier: 28:4A:63:DF:E9:2C:14:50:48:73:14:95:E0:3A:16:EF:0E:9D:91:55
Certificate issuer: /CN=F362DE23AF/serialNumber=7C7B21D44DD3DECE9AEFA8D1BDD9E1AECF4B518D
Certificate serial: 08
Authority key identifier: 7C:7B:21:D4:4D:D3:DE:CE:9A:EF:A8:D1:BD:D9:E1:AE:CF:4B:51:8D
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/fHsh1E3T3s6a76jRvdnhrs9LUY0.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F362DE23/89A6C26455A711F0A059BAEDDAE4EC9C/61A3E35055B111F0BEABAEADDAE4EC9C.roa
Signing time: Mon 30 Jun 2025 12:54:39 +0000
ROA not before: Mon 30 Jun 2025 12:54:34 +0000
ROA not after: Fri 30 Jun 2045 12:54:34 +0000
asID: 37052
IP address blocks: 41.191.192.0/21 maxlen: 21
41.191.192.0/24 maxlen: 24
41.191.193.0/24 maxlen: 24
41.191.194.0/24 maxlen: 24
41.191.195.0/24 maxlen: 24
41.191.196.0/24 maxlen: 24
41.191.197.0/24 maxlen: 24
41.191.198.0/24 maxlen: 24
41.191.199.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F362DE23/89A6C26455A711F0A059BAEDDAE4EC9C/fHsh1E3T3s6a76jRvdnhrs9LUY0.crl
rsync://rpki.afrinic.net/repository/member_repository/F362DE23/89A6C26455A711F0A059BAEDDAE4EC9C/fHsh1E3T3s6a76jRvdnhrs9LUY0.mft
rsync://rpki.afrinic.net/repository/afrinic/fHsh1E3T3s6a76jRvdnhrs9LUY0.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Sun 06 Jul 2025 00:06:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8 (0x8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F362DE23AF, serialNumber=7C7B21D44DD3DECE9AEFA8D1BDD9E1AECF4B518D
Validity
Not Before: Jun 30 12:54:34 2025 GMT
Not After : Jun 30 12:54:34 2045 GMT
Subject: CN=6862890f-89aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f6:33:0d:28:c7:fb:8f:70:2b:05:80:5a:e6:d7:
38:f6:57:ef:66:e5:8e:40:4c:76:21:c9:37:f4:96:
ab:7d:32:5a:ec:ad:57:4a:ac:58:00:d7:03:48:c5:
ef:ab:7c:b2:50:ab:7a:96:0d:96:cc:e1:38:48:75:
9e:60:66:4c:d7:d3:d8:ff:00:c2:15:7d:ab:ca:47:
b3:d4:43:8f:79:37:36:4f:2c:e7:ac:6e:81:42:4b:
e9:13:f0:2d:aa:ea:65:e0:e3:31:69:e6:06:63:04:
73:ff:cc:93:46:83:f9:c6:c9:8b:a2:9f:c8:55:4c:
d8:3f:1e:c2:77:48:49:b6:85:f1:70:99:f9:36:8a:
ef:58:5e:12:7b:c1:ef:a5:58:24:a9:32:ff:73:d2:
ce:87:a2:25:36:98:22:5e:93:1a:d6:4a:ce:ca:14:
3a:7e:02:b0:b5:c4:10:ae:31:c0:8b:fb:f7:73:c3:
a0:c6:12:dd:4e:cb:4a:2d:a3:4c:97:03:43:d5:ec:
da:d8:7d:06:aa:2e:6c:12:35:b6:5d:70:fd:23:3f:
bc:0b:1e:b5:c9:50:0c:57:5a:76:56:4d:f3:2a:45:
80:28:42:17:11:2a:61:a9:bd:43:38:34:80:ea:a7:
f3:9f:5a:99:4e:c7:93:02:6b:ba:82:b2:ef:5c:88:
4e:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:4A:63:DF:E9:2C:14:50:48:73:14:95:E0:3A:16:EF:0E:9D:91:55
X509v3 Authority Key Identifier:
keyid:7C:7B:21:D4:4D:D3:DE:CE:9A:EF:A8:D1:BD:D9:E1:AE:CF:4B:51:8D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F362DE23/89A6C26455A711F0A059BAEDDAE4EC9C/fHsh1E3T3s6a76jRvdnhrs9LUY0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/fHsh1E3T3s6a76jRvdnhrs9LUY0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F362DE23/89A6C26455A711F0A059BAEDDAE4EC9C/61A3E35055B111F0BEABAEADDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
41.191.192.0/21
Signature Algorithm: sha256WithRSAEncryption
84:3f:18:ae:84:6f:79:69:52:e5:68:0d:1c:d3:c0:86:dd:01:
e8:66:a4:29:88:42:e6:01:a8:a5:7c:2c:bb:55:d5:15:d0:2b:
36:5f:6a:62:fd:2b:03:4b:9c:f4:3a:15:0f:86:26:30:49:a0:
c2:8f:08:fb:12:a4:e4:8d:b6:42:2c:b6:71:95:1b:42:a6:02:
33:f2:b7:51:85:a2:7c:f3:76:8e:12:ae:e2:50:af:76:c3:ba:
1e:f5:cf:96:11:cb:c6:d8:e7:ea:29:d9:e4:81:58:2f:5f:38:
b6:ca:43:3c:3e:f3:d6:dd:bc:f6:98:84:8b:11:dd:23:97:b5:
50:a6:f6:9c:56:da:c4:e2:f9:ad:b6:8c:52:6f:0c:53:ba:8c:
03:4d:92:de:f0:12:2f:38:21:8b:26:80:95:6d:2a:08:60:9c:
e9:02:98:92:11:67:e8:18:49:e6:46:56:1a:2f:2d:34:3a:67:
ae:33:f5:9b:2b:a0:e1:bb:8b:ff:b6:09:da:e9:61:2b:03:39:
e9:6c:20:b2:4c:e3:96:c5:e5:a3:d9:bc:32:ea:1d:09:4d:57:
e0:c7:04:35:42:20:27:41:37:38:21:a8:bb:97:fd:87:ba:ee:
ee:2d:7d:d6:03:15:2a:e1:a8:12:c6:d8:f2:07:bd:bd:e0:4e:
3d:c1:f8:75
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBCDANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzYy
REUyM0FGMTEwLwYDVQQFEyg3QzdCMjFENDRERDNERUNFOUFFRkE4RDFCREQ5RTFB
RUNGNEI1MThEMB4XDTI1MDYzMDEyNTQzNFoXDTQ1MDYzMDEyNTQzNFowGDEWMBQG
A1UEAxMNNjg2Mjg5MGYtODlhYTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPYzDSjH+49wKwWAWubXOPZX72bljkBMdiHJN/SWq30yWuytV0qsWADXA0jF
76t8slCrepYNlszhOEh1nmBmTNfT2P8AwhV9q8pHs9RDj3k3Nk8s56xugUJL6RPw
LarqZeDjMWnmBmMEc//Mk0aD+cbJi6KfyFVM2D8ewndISbaF8XCZ+TaK71heEnvB
76VYJKky/3PSzoeiJTaYIl6TGtZKzsoUOn4CsLXEEK4xwIv793PDoMYS3U7LSi2j
TJcDQ9Xs2th9BqoubBI1tl1w/SM/vAsetclQDFdadlZN8ypFgChCFxEqYam9Qzg0
gOqn859amU7HkwJruoKy71yITv8CAwEAAaOCAqUwggKhMB0GA1UdDgQWBBQoSmPf
6SwUUEhzFJXgOhbvDp2RVTAfBgNVHSMEGDAWgBR8eyHUTdPezprvqNG92eGuz0tR
jTAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2MkRFMjMvODlBNkMyNjQ1NUE3MTFGMEEwNTlCQUVEREFFNEVDOUMvZkhzaDFF
M1QzczZhNzZqUnZkbmhyczlMVVkwLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvZkhzaDFFM1QzczZhNzZqUnZkbmhyczlMVVkwLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2MkRFMjMvODlBNkMyNjQ1NUE3MTFGMEEwNTlCQUVEREFF
NEVDOUMvNjFBM0UzNTA1NUIxMTFGMEJFQUJBRUFEREFFNEVDOUMucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAym/wDANBgkqhkiG9w0BAQsF
AAOCAQEAhD8YroRveWlS5WgNHNPAht0B6GakKYhC5gGopXwsu1XVFdArNl9qYv0r
A0uc9DoVD4YmMEmgwo8I+xKk5I22Qiy2cZUbQqYCM/K3UYWifPN2jhKu4lCvdsO6
HvXPlhHLxtjn6inZ5IFYL184tspDPD7z1t289piEixHdI5e1UKb2nFbaxOL5rbaM
Um8MU7qMA02S3vASLzghiyaAlW0qCGCc6QKYkhFn6BhJ5kZWGi8tNDpnrjP1myug
4buL/7YJ2ulhKwM56WwgskzjlsXlo9m8MuodCU1X4McENUIgJ0E3OCGou5f9h7ru
7i191gMVKuGoEsbY8ge9veBOPcH4dQ==
-----END CERTIFICATE-----
Generated at Fri Jul 4 08:02:16 2025 by rpki-client